A computing device, such as a laptop, a desktop, a tablet computer, a handheld device, or a server, may contain sensitive data that a user does not want disseminated to the general public. Similarly, a service, such as an e-mail account, banking service, social network, or remote work computer access, may contain data that may be damaging in malicious hands. Thus, a computing device or service may use password protection to restrict access to only authorized users who can authenticate a right of access to a user session. A login interface may query the user for a password having a series of characters, such as letters, numbers, and signs. An authentication service may deny access to the user if the characters are an improper order, if the letters are in the wrong case, or if the password fails to match the stored password in any way.
The authentication service may give the user a set number of tries at providing the password before that user is blocked from further attempts to access the computing device or service. The user may then contact an administrator to access the service or computing device, after providing some proof of identification. Such proof of identification may be a government identification or a pre-registered set of questions that presumably only the user can answer. Alternately, if the user fails to provide the proper password, a computing device or service may erase any important data.
An issue of password protection may be that a password that is complex enough to provide a proper level of protection may be too difficult for a user to remember. Most users may often use easily determined passwords like “Guest”, a user's name, or other easily divinable passwords. Users that use a properly complex password may often forget the password, leading to a very frustrating user experience.